
'PCRegFixer Registry Cleaner' Tech Support Scam

Posted: August 14, 2017

Threat Metric

Threat Level: 2/10
Infected PCs: 33
First Seen: August 14, 2017
Last Seen: October 5, 2022
OS(es) Affected: Windows

The 'PCRegFixer Registry Cleaner' tech support scam is a pop-up attack associated with fake Registry cleaners and corrupted website content. The threat actors whose phone numbers these messages promote may attempt to lock you out of your PC, collect information, or force you to pay money for fraudulent products. Use your anti-malware programs to remove any software related to this hoax, along with its symptoms, and treat any information transferred to entities related to it as compromised.

A Cleaner Software that's Cleaning out More than Your Registry

The division between a ransom-based attack against your computer and simple adware may seem relatively obvious, but con artists often blur these categories with both threatening software and misleading tactics. A recent iteration of a fake Registry cleaner campaign, currently noted as the 'PCRegFixer Registry Cleaner' tech support scam, also has ties to related attacks that could do more than just encourage you to spend money on a non-working program. With sufficient access to your PC, the responsible threat actors may also lock you out of your computer completely.

Malware experts are finding little that is noteworthy in the PCRegFixer product itself, which is a conventional, fake 'system-cleaning' Registry scanner. This program pretends to scan your PC for security vulnerabilities and other errors, such as corrupt Registry entries. Both this program and the websites related to it may use pop-ups to promote its technical support hotline, which victims are told to call to purchase the 'full version' and remove these fake threats.

The odder aspect of the 'PCRegFixer Registry Cleaner' tech support scam appears with its prolonged interaction with the threat actors, who pose as technical support employees of various companies, such as Microsoft and Apple. They may ask the victim to grant them remote access to the PC. On Windows PCs, victims following these instructions may lock themselves out of their computers by allowing the remote attacker to exploit Syskey, a default Windows component and encryption utility that can also protect the start-up process with a password. While this attack is much more invasive than is traditional for such a tactic, it also gives the threat actors extra leverage for demanding money.

Fixing a Security Problem before It Fixes Your PC for Good

A safe counter-response to network-related phishing tactics like the 'PCRegFixer Registry Cleaner' tech support scam always includes disconnecting the compromised PC from the Internet, to prevent any threat actors from making additional changes to your computer. If the system's backup data is intact, users may be able to use the System Restore feature to revert to an earlier, non-password-protected state. In emergencies, there are also free Registry editing programs that can help victims reset their Syskey passwords outside of Windows, although wrong Registry values can cause further damage to the operating system.

To protect your PC from any initial exposure to a 'PCRegFixer Registry Cleaner' tech support scam, malware experts recommend monitoring the infection vectors most often associated with scamware. Disabling Flash, Java, and JavaScript, as well as blocking advertising content and pop-up windows, can eliminate many in-browser vulnerabilities. Anti-malware programs may also include features for blocking corrupted websites and can detect any disguised installers for PCRegFixer.

Whether this fake technical support team aims for just a little money or total control over your computer, the 'PCRegFixer Registry Cleaner' tech support scam is a multifaceted security problem. However, even the best tactic only works with the unintentional help of the victim's poor security practices and tendencies towards self-endangerment.
